浏览器REST客户端要求提供凭据,但RESTEasy服务无法使用

时间:2014-03-03 11:24:25

标签: java resteasy spring-security-oauth2

我使用Spring安全性Oauth2在java中创建了一个RESTEasy服务,用于身份验证和令牌生成。每件事情都适合我,但当我尝试访问我的服务从浏览器REST客户端生成令牌时,它要求凭证并且它失败但同时如果我通过Java中的HTTPClient访问相同的服务它对我有用,

HttpClient client = new DefaultHttpClient();
    HttpPost post = new HttpPost("http://localhost:80/my-rest-application/oauth/token");

          List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(1);
          nameValuePairs.add(new BasicNameValuePair("client_id","myclientid"));
          nameValuePairs.add(new BasicNameValuePair("client_secret","myclientsecret"));
          nameValuePairs.add(new BasicNameValuePair("username","someuser"));
          nameValuePairs.add(new BasicNameValuePair("password","somepassword"));
          nameValuePairs.add(new BasicNameValuePair("grant_type","password"));

          post.setEntity(new UrlEncodedFormEntity(nameValuePairs));

          HttpResponse response = client.execute(post);

java中的Http客户端为我工作但在浏览器休息客户端它要求凭据并返回错误请求 browser rest client response

知道为什么会这样吗?

我的配置,

<http pattern="/oauth/token" create-session="stateless"
    authentication-manager-ref="clientAuthenticationManager"
    xmlns="http://www.springframework.org/schema/security" > 
    <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    <anonymous enabled="false" />
    <http-basic entry-point-ref="clientAuthenticationEntryPoint" />
    <!-- include this only if you need to authenticate clients via request parameters -->
    <custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" /> 
    <access-denied-handler ref="oauthAccessDeniedHandler" />
</http>


<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>

<bean id="clientDetailsUserService"
    class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientDetails" />
</bean>

<bean id="clientDetails" class="my own client details implementation"/>



<bean id="clientAuthenticationEntryPoint"
    class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <!-- <property name="realmName" value="springsec/client" /> -->
    <property name="realmName" value="test/client" />
    <property name="typeName" value="Basic" />
</bean>

<bean id="clientCredentialsTokenEndpointFilter"
    class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>

<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
    <authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>

1 个答案:

答案 0 :(得分:0)

将REST客户端上的content-type更改为application/x-www-form-urlencoded

相关问题
最新问题